package cn.edu.ctbu.yrx.api;

import cn.edu.ctbu.yrx.constant.REnum;
import cn.edu.ctbu.yrx.entity.User;
import cn.edu.ctbu.yrx.service.UserService;
import cn.edu.ctbu.yrx.util.RUtil;
import cn.edu.ctbu.yrx.vo.R;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;


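/**
 * REST endpoint that checks a username/password pair and, on success, stores
 * the authenticated {@link User} in the HTTP session under {@code "userInfo"}.
 *
 * <p>NOTE(review): credentials are bound from the parameters of a GET request,
 * so they travel in the URL query string, which commonly ends up in access
 * logs, browser history and intermediary proxies. Moving this endpoint to POST
 * with a request body is recommended once the front end can be changed; the
 * mapping is left as-is here so existing callers keep working.
 */
@RestController
@RequestMapping("/api/admin/user")
public class LoginApiController {

    @Autowired
    private UserService userService;

    /**
     * Validates the credentials, checks that the account's role matches the
     * role the caller selected, and establishes the login session.
     *
     * @param username login name supplied by the client
     * @param password password supplied by the client
     * @param role     role the client claims to log in as; compared against the
     *                 role stored on the account, never used to grant a role
     * @param request  current request, used to reach the HTTP session
     * @return {@code RUtil.error(REnum.ROLE_MISMATCH)} when {@code role} is
     *         missing or differs from the account's role, otherwise
     *         {@code RUtil.success(user)}
     * @throws Exception whatever {@code userService.validateUsernameAndPassword} throws
     */
    @GetMapping("/validateUser")
    public R validateUsernameAndPassword(String username, String password, Integer role, HttpServletRequest request) throws Exception {
        // NOTE(review): presumably the service throws on bad credentials; if it can
        // return null instead, user.getRole() below fails with a NullPointerException.
        // Confirm against UserService and map that case to an explicit error result.
        User user = userService.validateUsernameAndPassword(username, password);

        // Role verification. Compare by value: `!=` on two boxed Integers compares
        // references (unreliable outside the small-value cache), and unboxing a
        // missing `role` parameter would throw. A missing role counts as a mismatch.
        if (role == null || !role.equals(user.getRole())) {
            return RUtil.error(REnum.ROLE_MISMATCH);
        }

        // Rotate the session id at the moment of authentication so that an id
        // issued before login cannot be reused afterwards (session fixation).
        // getSession() first guarantees a session exists; changeSessionId()
        // throws IllegalStateException when the request has none.
        request.getSession();
        request.changeSessionId();
        request.getSession().setAttribute("userInfo", user);

        // The user (including its role) is returned to the front end.
        // NOTE(review): the whole User entity is serialized into the response and
        // kept in the session. If it carries the password or its hash, return a
        // view object without that field instead. Verify against the User class.
        return RUtil.success(user);
    }
}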
